We recognise that the only way for CCCP to be really secure is to use
encryption of all CCC packets, and CCCP will support an encryption
scheme. The key distribution problem is considered to be outside the scope
of CCCP itself, and CCCP will require the application to pass the key to
it. After this, all CCCP messages from this library will be encrypted, and
non-encrypted messages will be ignored.
CCCP will allow an encryption key per conference id, and a key for messages
not associated with any conference. Which encryption key to use for
outgoing messages is chosen by the CCC library according to the conference
id. Once the application has passed the set of keys to the CCC library, it
no longer has to concern itself with encryption.
Encryption and Host Access can be used simultaneously.